Here at Little Big Voice Search Engine Marketing we pride ourselves on offering the very best advice and guidance to clients. As the Internet grows and online businesses grow and develop new strategies, the need for security is higher than ever.
So if you want to avoid the pitfalls you may find this guide very useful in defining how you can keep your business and transactions safe from cyber crime.
The risks to businesses:
Selling via the Internet can be fantastic for business, but you need to ensure you can do it without falling victim to things like fraud and charge backs.
These risks include:
Fraudulent purchases (often payments made with stolen cards or card details). These are by far one of the biggest causes of credit card charges from your bank. Essentially the details are used by the fraudster and then a month later, the actual owner of the card does not recognise the transaction and discovers they themselves are a victim of fraud. In this case, the bank will issue what is known as a charge back, which effectively means they ‘take back’ the payment that was made, leaving you out of pocket.
The next area is of course ‘hacking’ or unauthorised access to your customer details – which can include things like credit card details and personal information.
Denial of Service attacks are on the increase as well, where computer vandals will try to disrupt your business by attacking your website. Usually this is caused by a sudden high demand from a number of IP addresses at the same time, which either makes your website run very slowly or even crash.
Of course if you are a victim of any of the above, this can then lead to your customers losing faith in your services, which in turn affects your future business significantly.
So how can you try to avoid them?
You need to be part detective and most certainly aware of ‘suspicious’ activity such as:
- Ordering large quantities of expensive products
- Making numerous orders in a very short time frame for small amounts
- Use of free web email addresses (such as Hotmail)
- Card delivery addresses that do not match the registered card address
- Using PO Box addresses for delivery
- International orders
- Orders placed late at night
- Communication only through email
- No landline number given or mobile number that does not work
Of course you need to apply some logic to things, as we often purchase online and want things delivered to other addresses for convenience, but it is worth defining a security process to help combat the safety of your business.
If you feel that a purchase is suspicious then you may consider the following:
- Call the buyer and ask to talk to the card holder. If you can’t get a number, ask for one. How do they sound? Are they responsive or do they take time to answer your questions?
- As for a fax of the back strip of the credit card or proof of name and address. It would be advisable to carry out all other checks before doing this though, as if you go in too quickly, you could end up offending a genuine customer.
- Contact your payment merchant to do a phone check. This can cost money, but if it’s a high transaction it is probably worth checking. You can usually check the name, address and post code as well as the security number this way.
- If you are going to deliver to a different address, perhaps integrate harder security measures for this. As long as you tell the customer this is standard practice to avoid fraud, they will be happy that you care enough to make the extra checks.
- For B2B work, always run a credit check.
- Always check the card security code. If it doesn’t match the card (even if everything else appears to be fine) contact the customer.
So assuming you’ve got the security of payments sorted from the front end, now you need to make sure your website itself is secure.
People trust websites that have certain elements, clearly visible to them. If they are not, then there’s also a good chance their Internet security system (such as Norton) will tell them your site is not a trusted site. You need to make sure you have this covered.
- Always keep your ecommerce software up to date. Older versions will have flaws that seasoned computer hackers know about, so by keeping it up to date you’re staying ahead of the game.
- Use very strong passwords in your system and change them regularly. Many companies change things once a month.
- Make sure your server is protected by a good firewall and anti-virus software that’s of a professional level.
- Do not under any circumstances store your customers’ information and credit card details on a public ecommerce server. These are easily hackable.
- Make sure you have an up to date SSL certificate and keep the details closely guarded. This is one of the essential elements of good ecommerce sites.
Never assume anything with ecommerce and try to avoid allowing things to simply continue with no review.
Be clear about this and you will manage to generate lots of online business and keep it!